Karim Eldefrawy

Cryptography, Cybersecurity, Privacy

Co-founder and CTO at Confidencial.io
2017-2021: SRI
2011-2016: HRL Laboratories
2006-2010: PhD@UC Irvine

Scientific curiosity

Scientific knowledge map · Paper #18

Secure and Privacy-Preserving Querying of Content in MANETs

Karim Eldefrawy and Gavin Holland

2012 · IEEE International Conference on Technologies for Homeland Security (HST)

  • Theory
  • protocol

What does the paper try to establish?

How can a node locate distributed MANET content through direct queries or subscriptions without revealing its search terms or access pattern to honest-but-curious peers, while ensuring it learns only fields authorized by policy?

What is the proposed answer?

The paper composes secure pattern matching with a query-policy enforcement mechanism. Encrypted metadata queries support both PULL and PUSH discovery, while attribute keys and additive shares let a requester reconstruct an answer only when authorized for every selected field. The design is a protocol architecture under an honest-but-curious model; the audited paper does not supply a reduction-style security proof, implementation, or performance evaluation.

Abstract

Ensuring security and privacy of content in a mobile ad-hoc network (MANET) is a challenging problem, especially when that content is distributed over the network using some form of peer-to-peer dissemination scheme. Since cooperation among nodes is vital in MANETs, the capture or compromise of a single node not only exposes locally cached content, but also allows an adversary to interrogate the network with the authority of an insider, acquiring important information such as content access patterns, popularity and location. Previous work in MANETs has predominantly focused on providing solutions for security and anonymity of routing protocols, confidentiality, and key management. In this paper, we present protocols that provide the ability to securely and privately locate content for two common peer-to-peer dissemination operations: publish/subscribe (content PUSH), and direct query (content PULL).

Provenance: Transcribed from the public author-uploaded full text; only typography, discretionary hyphenation, and line-break artifacts were normalized. Local file fixity has not been recorded.

Six dimensions, kept separate

The chart summarizes documented evidence and process. It is not a correctness probability, confidence score, or ranking, and no composite score is calculated.

The visual spider chart requires JavaScript. The complete values and rationales follow in text.

LowMediumHighN/A = not assessed

A smaller value means less documented support for that dimension, not that the paper is false or unimportant.

Epistemic evidence Low

The paper gives a concrete compositional protocol architecture and explicit honest-but-curious scope, but no formal reduction, implementation, simulation, benchmark, or independent validation is supplied.

Content-centric MANET and honest-but-curious model Query-policy enforcement construction PULL query and PUSH subscription protocols Security scope, dependencies, and conclusion
Auditability High

A complete author-uploaded full text makes the model, data structures, and protocol flows directly inspectable. No immutable local binary, code, test vectors, or proof artifact is recorded.

Problem and PUSH/PULL contribution PULL query and PUSH subscription protocols Security scope, dependencies, and conclusion
Production provenance Medium

Named authorship, an author-uploaded paper, and the IEEE DOI establish baseline provenance. Contributor roles, revision history, key-policy artifacts, and tool use are not documented.

Problem and PUSH/PULL contribution Official peer-reviewed publication record
External scrutiny Medium

Publication at IEEE HST indicates venue scrutiny, but review reports, corrections, formal follow-up, independent analysis, and implementation evidence were not located.

Official peer-reviewed publication record
Reception Low

ResearchGate displayed zero resolved citations on 2026-07-11, which falls in the rubric's 0-8 low band. This index-specific result is not proof that no citation exists elsewhere.

Citation-count snapshot
Contribution significance Medium

The paper connects private search and field-level authorization to both PUSH and PULL MANET workflows, but feasibility and security remain unvalidated beyond the construction-level argument.

Problem and PUSH/PULL contribution Query-policy enforcement construction PULL query and PUSH subscription protocols Security scope, dependencies, and conclusion

Assessment: Ai draft author review pending · 2026-07-11 · rubric 0.2. These dimensions describe documented support and process, not truth, correctness, or a universal ranking. No composite score is calculated.

Hierarchical knowledge map

Collapse a branch for a top-level reading, or follow its source links and child nodes to audit the evidence and boundaries underneath it.

paper

Private MANET content discovery

A protocol architecture for privately finding and selectively revealing peer-to-peer content in mobile ad hoc networks.

Problem and PUSH/PULL contribution
  1. question

    Research question

    research question

    Can content be queried or subscribed to without exposing search terms, matches, locations, or unauthorized fields to intermediate and responding peers?

    Problem and PUSH/PULL contribution
  2. scope Content-centric MANET setting explicitly scoped

    Content and metadata are replicated among cooperating peers without fixed infrastructure, and a compromised or curious node may observe searches and cached material.

    Content-centric MANET and honest-but-curious model
    1. threat model

      Honest-but-curious participants

      defined

      Participants follow the specified protocol but try to infer queries, matches, content location, popularity, or unauthorized attributes from messages and local state. Malicious deviation is not addressed.

      Content-centric MANET and honest-but-curious model
  3. primitive

    Secure pattern matching

    assumed from prior work

    The construction assumes a secure pattern-matching primitive supporting exact, wildcard, substring, and range-style metadata queries while hiding the pattern from the holder.

    Secure pattern-matching building block
  4. scheme

    Query-policy enforcement

    proposed

    The responder encrypts the answer under a one-time key, divides that key into additive shares for requested attributes, and encrypts each share under the corresponding attribute key; reconstruction succeeds only with all required authorizations.

    Query-policy enforcement construction
  5. data model

    Protected content record

    specified

    Metadata carries description, tags, group, index, and a globally unique identifier; content is encrypted, a hash binds the ciphertext, and a signature authenticates the metadata record.

    Encrypted content and metadata representation
  6. protocol

    Private PULL query

    proposed

    A requester disseminates an encrypted query; peers securely match it against metadata and return encrypted match indicators or references that only an authorized requester can interpret.

    PULL query and PUSH subscription protocols
  7. protocol

    Private PUSH subscription

    proposed

    A node advertises an encrypted interest, and newly generated content is privately matched to that interest before an authorized result is returned.

    PULL query and PUSH subscription protocols

Source index

Locators state the depth of the current audit. PDF page numbers, where present, are one-based file pages; metadata-, summary-, and abstract-bounded records explicitly identify their limitations.

  1. Problem and PUSH/PULL contribution Abstract and Section I, conference PDF pages 1-2 in the author-uploaded full text
  2. Content-centric MANET and honest-but-curious model Section II, especially Section II.B, conference PDF pages 2-3
  3. Secure pattern-matching building block Section III.A, conference PDF page 3
  4. Query-policy enforcement construction Section III.B, conference PDF pages 3-4
  5. Encrypted content and metadata representation Section III.C, conference PDF page 4
  6. PULL query and PUSH subscription protocols Section III.D, conference PDF pages 4-5
  7. Security scope, dependencies, and conclusion Sections II-III and conclusion, author-uploaded conference full text
  8. Official peer-reviewed publication record IEEE HST 2012, DOI record
  9. Citation-count snapshot ResearchGate reported that it had not resolved citations and displayed Citations (0), observed 2026-07-11; this is index-specific.